While biometric authentication for commercial use so far mainly has been used for local device unlock use cases, there are great opportunities for using it also for central authentication such as for remote login. However, many current biometric sensors like for instance mobile fingerprint sensors have too large false acceptance rate (FAR) not allowing them, for security reasons, to be used in larger user group for central identification purposes. A straightforward way to avoid this FAR problem is to either request a user unique identifier such as a device identifier or require the user to enter a unique user ID prior to making the biometric matching. Usage of a device identifier does not work when a user desires to authenticate on a... (More)

While biometric authentication for commercial use so far mainly has been used for local device unlock use cases, there are great opportunities for using it also for central authentication such as for remote login. However, many current biometric sensors like for instance mobile fingerprint sensors have too large false acceptance rate (FAR) not allowing them, for security reasons, to be used in larger user group for central identification purposes. A straightforward way to avoid this FAR problem is to either request a user unique identifier such as a device identifier or require the user to enter a unique user ID prior to making the biometric matching. Usage of a device identifier does not work when a user desires to authenticate on a previously unused device of a generic type. Furthermore, requiring the user at each login occasion to enter a unique user ID, is not at all user-friendly. To avoid this problem, we in this paper investigate an alternative, most user-friendly approach, for identification in combination with biometric-based authentication using metadata filtering. An evaluation of the adopted approach is carried out using realistic simulations of the Swedish population to assess the feasibility of the proposed system. The results show that metadata filtering in combination with traditional biometric-based matching is indeed a powerful tool for providing reliable, and user-friendly, central authentication services for large user groups. (Less)

@article{5ab93dce-1043-48d7-8faa-092043108a34,
abstract = {While biometric authentication for commercial use so far mainly has been used for local device unlock use cases, there are great opportunities for using it also for central authentication such as for remote login. However, many current biometric sensors like for instance mobile fingerprint sensors have too large false acceptance rate (FAR) not allowing them, for security reasons, to be used in larger user group for central identification purposes. A straightforward way to avoid this FAR problem is to either request a user unique identifier such as a device identifier or require the user to enter a unique user ID prior to making the biometric matching. Usage of a device identifier does not work when a user desires to authenticate on a previously unused device of a generic type. Furthermore, requiring the user at each login occasion to enter a unique user ID, is not at all user-friendly. To avoid this problem, we in this paper investigate an alternative, most user-friendly approach, for identification in combination with biometric-based authentication using metadata filtering. An evaluation of the adopted approach is carried out using realistic simulations of the Swedish population to assess the feasibility of the proposed system. The results show that metadata filtering in combination with traditional biometric-based matching is indeed a powerful tool for providing reliable, and user-friendly, central authentication services for large user groups.},
articleno = {7},
author = {Gehrmann, Christian and Rodan, Marcus and Jönsson, Niklas},
issn = {2510-523X},
keyword = {Biometric authentication,Metadata filtering,System simulation},
language = {eng},
month = {06},
number = {1},
pages = {17},
publisher = {Springer Open},
series = {EURASIP Journal on Information Security},
title = {Metadata filtering for user-friendly centralized biometric authentication},
url = {http://dx.doi.org/10.1186/s13635-019-0093-3},
volume = {2019},
year = {2019},
}